CVE-2024-20456 - Vulnerability Details

Description

A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device.

This vulnerability is due to an error in the software build process. An attacker could exploit this vulnerability by manipulating the system’s configuration options to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass of the requirement to run Cisco signed images or alter the security properties of the running system.

Published: 2024-07-10

Score: 6.7 Medium

EPSS: < 1% Very Low

KEV: No

Impact:

Action:

Analysis

No analysis available yet.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Cisco

Cisco IOS XR Software

affected

Version	Status	Constraints
`24.2.1`	affected	—

Configuration 1 [-]

AND

cpe:2.3:o:cisco:ios_xr:24.2.1:*:*:*:*:*:*:*

OR	cpe:2.3:h:cisco:8011-4g24y4h-i:-:::::::*
	cpe:2.3:h:cisco:8101-32fh:-:::::::*
	cpe:2.3:h:cisco:8101-32fh-o:-:::::::*
	cpe:2.3:h:cisco:8101-32h-o:-:::::::*
	cpe:2.3:h:cisco:8102-28fh-dpu-o:-:::::::*
	cpe:2.3:h:cisco:8102-64h:-:::::::*
	cpe:2.3:h:cisco:8102-64h-o:-:::::::*
	cpe:2.3:h:cisco:8111-32eh-o:-:::::::*
	cpe:2.3:h:cisco:8122-64eh-o:-:::::::*
	cpe:2.3:h:cisco:8122-64ehf-o:-:::::::*
	cpe:2.3:h:cisco:8201:-:::::::*
	cpe:2.3:h:cisco:8201-24h8fh:-:::::::*
	cpe:2.3:h:cisco:8201-32fh:-:::::::*
	cpe:2.3:h:cisco:8201-32fh-o:-:::::::*
	cpe:2.3:h:cisco:8202:-:::::::*
	cpe:2.3:h:cisco:8202-32fh-m:-:::::::*
	cpe:2.3:h:cisco:8212-48fh-m:-:::::::*
	cpe:2.3:h:cisco:8404:-:::::::*
	cpe:2.3:h:cisco:8501-sys-mt:-:::::::*
	cpe:2.3:h:cisco:8608:-:::::::*
	cpe:2.3:h:cisco:8700:-:::::::*
	cpe:2.3:h:cisco:8711-32fh-m:-:::::::*
	cpe:2.3:h:cisco:8712-mod-m:-:::::::*
	cpe:2.3:h:cisco:8804:-:::::::*
	cpe:2.3:h:cisco:8808:-:::::::*
	cpe:2.3:h:cisco:8812:-:::::::*
	cpe:2.3:h:cisco:8818:-:::::::*
	cpe:2.3:h:cisco:ncs_1010:-:::::::*
	cpe:2.3:h:cisco:ncs_1014:-:::::::*
	cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540-24q2c2dd-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_540-24q8l2dd-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540-6z14s-sys-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540-6z18g-sys-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540-6z18g-sys-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540-acc-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_540-fh-agg:-:::::::*
	cpe:2.3:h:cisco:ncs_540-fh-csr-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-16z8q2c-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-4z14g2q-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-4z14g2q-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-6z18g-sys-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-6z18g-sys-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-8z16g-sys-a:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-8z16g-sys-d:-:::::::*
	cpe:2.3:h:cisco:ncs_540x-acc-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:::::::*
	cpe:2.3:h:cisco:ncs_57d2-18dd-sys:-:::::::*

No data.

Vendor	Product	Confidence	Versions
Cisco	Ios Xr Software	—	—

Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories

Source	ID	Title
EUVD	EUVD-2024-18171	A vulnerability in the boot process of Cisco IOS XR Software could allow an authenticated, local attacker with high privileges to bypass the Cisco Secure Boot functionality and load unverified software on an affected device. To exploit this successfully, the attacker must have root-system privileges on the affected device. This vulnerability is due to an error in the software build process. An attacker could exploit this vulnerability by manipulating the system’s configuration options to bypass some of the integrity checks that are performed during the booting process. A successful exploit could allow the attacker to control the boot configuration, which could enable them to bypass of the requirement to run Cisco signed images or alter the security properties of the running system.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

The EPSS score is 0.00009.

Key SSVC decision points have not yet been added.

References

Link	Providers
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-xr-secure-boot-quD5g8Ap

History

Mon, 04 Aug 2025 17:45:00 +0000

Type	Values Removed	Values Added
First Time appeared		Cisco 8011-4g24y4h-i Cisco 8101-32fh Cisco 8101-32fh-o Cisco 8101-32h-o Cisco 8102-28fh-dpu-o Cisco 8102-64h Cisco 8102-64h-o Cisco 8111-32eh-o Cisco 8122-64eh-o Cisco 8122-64ehf-o Cisco 8201 Cisco 8201-24h8fh Cisco 8201-32fh Cisco 8201-32fh-o Cisco 8202 Cisco 8202-32fh-m Cisco 8212-48fh-m Cisco 8404 Cisco 8501-sys-mt Cisco 8608 Cisco 8700 Cisco 8711-32fh-m Cisco 8712-mod-m Cisco 8804 Cisco 8808 Cisco 8812 Cisco 8818 Cisco ios Xr Cisco ncs 1010 Cisco ncs 1014 Cisco ncs 540-12z20g-sys-a Cisco ncs 540-12z20g-sys-d Cisco ncs 540-24q2c2dd-sys Cisco ncs 540-24q8l2dd-sys Cisco ncs 540-24z8q2c-sys Cisco ncs 540-28z4c-sys-a Cisco ncs 540-28z4c-sys-d Cisco ncs 540-6z14s-sys-d Cisco ncs 540-6z18g-sys-a Cisco ncs 540-6z18g-sys-d Cisco ncs 540-acc-sys Cisco ncs 540-fh-agg Cisco ncs 540-fh-csr-sys Cisco ncs 540x-12z16g-sys-a Cisco ncs 540x-12z16g-sys-d Cisco ncs 540x-16z4g8q2c-a Cisco ncs 540x-16z4g8q2c-d Cisco ncs 540x-16z8q2c-d Cisco ncs 540x-4z14g2q-a Cisco ncs 540x-4z14g2q-d Cisco ncs 540x-6z18g-sys-a Cisco ncs 540x-6z18g-sys-d Cisco ncs 540x-8z16g-sys-a Cisco ncs 540x-8z16g-sys-d Cisco ncs 540x-acc-sys Cisco ncs 57b1-5dse-sys Cisco ncs 57b1-6d24-sys Cisco ncs 57c1-48q6-sys Cisco ncs 57d2-18dd-sys
CPEs		cpe:2.3:h:cisco:8011-4g24y4h-i:-:::::::* cpe:2.3:h:cisco:8101-32fh-o:-:::::::* cpe:2.3:h:cisco:8101-32fh:-:::::::* cpe:2.3:h:cisco:8101-32h-o:-:::::::* cpe:2.3:h:cisco:8102-28fh-dpu-o:-:::::::* cpe:2.3:h:cisco:8102-64h-o:-:::::::* cpe:2.3:h:cisco:8102-64h:-:::::::* cpe:2.3:h:cisco:8111-32eh-o:-:::::::* cpe:2.3:h:cisco:8122-64eh-o:-:::::::* cpe:2.3:h:cisco:8122-64ehf-o:-:::::::* cpe:2.3:h:cisco:8201-24h8fh:-:::::::* cpe:2.3:h:cisco:8201-32fh-o:-:::::::* cpe:2.3:h:cisco:8201-32fh:-:::::::* cpe:2.3:h:cisco:8201:-:::::::* cpe:2.3:h:cisco:8202-32fh-m:-:::::::* cpe:2.3:h:cisco:8202:-:::::::* cpe:2.3:h:cisco:8212-48fh-m:-:::::::* cpe:2.3:h:cisco:8404:-:::::::* cpe:2.3:h:cisco:8501-sys-mt:-:::::::* cpe:2.3:h:cisco:8608:-:::::::* cpe:2.3:h:cisco:8700:-:::::::* cpe:2.3:h:cisco:8711-32fh-m:-:::::::* cpe:2.3:h:cisco:8712-mod-m:-:::::::* cpe:2.3:h:cisco:8804:-:::::::* cpe:2.3:h:cisco:8808:-:::::::* cpe:2.3:h:cisco:8812:-:::::::* cpe:2.3:h:cisco:8818:-:::::::* cpe:2.3:h:cisco:ncs_1010:-:::::::* cpe:2.3:h:cisco:ncs_1014:-:::::::* cpe:2.3:h:cisco:ncs_540-12z20g-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540-12z20g-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540-24q2c2dd-sys:-:::::::* cpe:2.3:h:cisco:ncs_540-24q8l2dd-sys:-:::::::* cpe:2.3:h:cisco:ncs_540-24z8q2c-sys:-:::::::* cpe:2.3:h:cisco:ncs_540-28z4c-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540-28z4c-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540-6z14s-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540-6z18g-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540-6z18g-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540-acc-sys:-:::::::* cpe:2.3:h:cisco:ncs_540-fh-agg:-:::::::* cpe:2.3:h:cisco:ncs_540-fh-csr-sys:-:::::::* cpe:2.3:h:cisco:ncs_540x-12z16g-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540x-12z16g-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-a:-:::::::* cpe:2.3:h:cisco:ncs_540x-16z4g8q2c-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-16z8q2c-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-4z14g2q-a:-:::::::* cpe:2.3:h:cisco:ncs_540x-4z14g2q-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-6z18g-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540x-6z18g-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-8z16g-sys-a:-:::::::* cpe:2.3:h:cisco:ncs_540x-8z16g-sys-d:-:::::::* cpe:2.3:h:cisco:ncs_540x-acc-sys:-:::::::* cpe:2.3:h:cisco:ncs_57b1-5dse-sys:-:::::::* cpe:2.3:h:cisco:ncs_57b1-6d24-sys:-:::::::* cpe:2.3:h:cisco:ncs_57c1-48q6-sys:-:::::::* cpe:2.3:h:cisco:ncs_57d2-18dd-sys:-:::::::* cpe:2.3:o:cisco:ios_xr:24.2.1:::::::*
Vendors & Products		Cisco 8011-4g24y4h-i Cisco 8101-32fh Cisco 8101-32fh-o Cisco 8101-32h-o Cisco 8102-28fh-dpu-o Cisco 8102-64h Cisco 8102-64h-o Cisco 8111-32eh-o Cisco 8122-64eh-o Cisco 8122-64ehf-o Cisco 8201 Cisco 8201-24h8fh Cisco 8201-32fh Cisco 8201-32fh-o Cisco 8202 Cisco 8202-32fh-m Cisco 8212-48fh-m Cisco 8404 Cisco 8501-sys-mt Cisco 8608 Cisco 8700 Cisco 8711-32fh-m Cisco 8712-mod-m Cisco 8804 Cisco 8808 Cisco 8812 Cisco 8818 Cisco ios Xr Cisco ncs 1010 Cisco ncs 1014 Cisco ncs 540-12z20g-sys-a Cisco ncs 540-12z20g-sys-d Cisco ncs 540-24q2c2dd-sys Cisco ncs 540-24q8l2dd-sys Cisco ncs 540-24z8q2c-sys Cisco ncs 540-28z4c-sys-a Cisco ncs 540-28z4c-sys-d Cisco ncs 540-6z14s-sys-d Cisco ncs 540-6z18g-sys-a Cisco ncs 540-6z18g-sys-d Cisco ncs 540-acc-sys Cisco ncs 540-fh-agg Cisco ncs 540-fh-csr-sys Cisco ncs 540x-12z16g-sys-a Cisco ncs 540x-12z16g-sys-d Cisco ncs 540x-16z4g8q2c-a Cisco ncs 540x-16z4g8q2c-d Cisco ncs 540x-16z8q2c-d Cisco ncs 540x-4z14g2q-a Cisco ncs 540x-4z14g2q-d Cisco ncs 540x-6z18g-sys-a Cisco ncs 540x-6z18g-sys-d Cisco ncs 540x-8z16g-sys-a Cisco ncs 540x-8z16g-sys-d Cisco ncs 540x-acc-sys Cisco ncs 57b1-5dse-sys Cisco ncs 57b1-6d24-sys Cisco ncs 57c1-48q6-sys Cisco ncs 57d2-18dd-sys

Subscriptions

Cisco 8011-4g24y4h-i 8101-32fh 8101-32fh-o 8101-32h-o 8102-28fh-dpu-o 8102-64h 8102-64h-o 8111-32eh-o 8122-64eh-o 8122-64ehf-o 8201 8201-24h8fh 8201-32fh 8201-32fh-o 8202 8202-32fh-m 8212-48fh-m 8404 8501-sys-mt 8608 8700 8711-32fh-m 8712-mod-m 8804 8808 8812 8818 Ios Xr Ios Xr Software Ncs 1010 Ncs 1014 Ncs 540-12z20g-sys-a Ncs 540-12z20g-sys-d Ncs 540-24q2c2dd-sys Ncs 540-24q8l2dd-sys Ncs 540-24z8q2c-sys Ncs 540-28z4c-sys-a Ncs 540-28z4c-sys-d Ncs 540-6z14s-sys-d Ncs 540-6z18g-sys-a Ncs 540-6z18g-sys-d Ncs 540-acc-sys Ncs 540-fh-agg Ncs 540-fh-csr-sys Ncs 540x-12z16g-sys-a Ncs 540x-12z16g-sys-d Ncs 540x-16z4g8q2c-a Ncs 540x-16z4g8q2c-d Ncs 540x-16z8q2c-d Ncs 540x-4z14g2q-a Ncs 540x-4z14g2q-d Ncs 540x-6z18g-sys-a Ncs 540x-6z18g-sys-d Ncs 540x-8z16g-sys-a Ncs 540x-8z16g-sys-d Ncs 540x-acc-sys Ncs 57b1-5dse-sys Ncs 57b1-6d24-sys Ncs 57c1-48q6-sys Ncs 57d2-18dd-sys

MITRE

Status: PUBLISHED

Assigner: cisco

Published: 2024-07-10T16:06:22.104Z

Updated: 2024-08-01T21:59:42.190Z

Reserved: 2023-11-08T15:08:07.679Z

Link: CVE-2024-20456

Vulnrichment

Updated: 2024-08-01T21:59:42.190Z

NVD

Status : Analyzed

Published: 2024-07-10T16:15:03.703

Modified: 2025-08-04T17:44:16.417

Link: CVE-2024-20456

Redhat

No data.

OpenCVE Enrichment

Updated: 2025-07-12T22:00:48Z

Weaknesses

CWE-732

Tracking

Attack Vector Local

Attack Complexity Low

Privileges Required High

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Subscriptions

JSON object

JSON object

JSON object

JSON object

JSON object